SHA1 broken?

Darren Chamberlain dlc at
Wed Feb 16 15:13:44 CET 2005

* Eric Anopolsky <erpo41 at> [2005/02/16 00:48]:
> Does anyone know anything about this?

Bruce Schneier thinks it's probably be true

  SHA-1 has been broken. Not a reduced-round version. Not a simplified
  version. The real thing.


  The paper isn't generally available yet. At this point I can't tell
  if the attack is real, but the paper looks good and this is a
  reputable research team.

So this would be when we start putting:

  digest-algo RIPEMD160

in our gpg.conf, right?


The tools we use have a profound (and devious!) influence on our
thinking habits, and, therefore, on our thinking abilities.
    -- Edsger W. Dijkstra
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 197 bytes
Desc: not available
Url : /pipermail/attachments/20050216/61a2411d/attachment.pgp

More information about the Gnupg-users mailing list